Using expensive and non-hardware-optimized signature verification on mobile devices is a recipe for disaster. I understand the concern, but you have to make choices based on capabilities.
Here's Thomas, causing me to notice Damus doesn't check signatures about 6 months before this other security team. Will's fix was just to add a dialog that says don't connect to relays that you don't "trust" and Jack said "Everything comes down to trade offs. Important that it is ultimately verifiable, and that if you require it you could use another client (if the option doesn’t exist to turn it on/off)."
https://nostr.band/note1jz0hgxlhlazxx3nqj06zex5q2eerprtrgssf9whjzx7ps2ufx4dstvl46p
Then here's Vitor fixing the same problem for amethyst same day.
https://nostr.band/note1dnej4y7zu5tgq7kryrq25dmr88lmhzdt0s4vk4gte0ppm0a672asj47g7e
Anyway, just sayin' .. told ya. Nostr without signatures is an abomination, I don't care how slow it is.
Discussion
well, the choice led to being shamed by the blackhats for it, oh well. add "nostr is insecure" to the checklist of fuds 🤙
Public social media protocol is insecure, is sort of an oxymoron, if you ask me. 🤣
it's kinda the whole point of nostr, and of PGP sigs in email.. but, if you really like impersonator spam yes it's a huge industry enabled by .. not having sigs.
sorry grandma, that wasn't actually your daughter needing money and stuff 🚑sad.
Yes, but how will your grandma remember which npub is the correct one? Also, why would grandma rely on a public forum to verify her daughter?
you have to find the most efficient signature verification algorithm.
and you really have to construct the canonical form and check the provided ID is correct. this is one of the problems with putting the ID on the wire, it becomes easier to forget.
sorry, but there is no way around this. you can't trust rando relays to do it. even if they do, you can't trust all of them to do it.
for mobile devices, checking a secp256k1 signature on a sha256 hash of an event is not impossible, and anyway there are now fast libraries for both android and iOS. even, on android devices, you can make a little binary tool that runs to do the job. on iOS, the swift code IS binary so it's just a matter of having the actual function available.
the ID thing, yeah, very interesting.. I don't pretend to be a cryptographer but.. I know that no checks is no bueno. Glad you have thought of all this in orly. 🫡
yeah, this is why i tried to make all of the json codec as fast as possible, it's one of the most expensive operations in the stack
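The canonical-form and ID check discussed in the thread, as an added example (not code from any participant or from the clients and relays they mention). It follows the NIP-01 serialization; the function names and the sample event with its placeholder pubkey and sig are constructed for illustration, and the signature check itself is left to a Schnorr library.

```python
import hashlib
import json
import re

HEX64 = re.compile(r"[0-9a-f]{64}")
HEX128 = re.compile(r"[0-9a-f]{128}")

def canonical_bytes(ev: dict) -> bytes:
    """NIP-01 form: [0,pubkey,created_at,kind,tags,content], UTF-8, no whitespace."""
    arr = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    # Caveat: json.dumps writes control characters other than \b \t \n \f \r as
    # \u00XX, while NIP-01 wants them verbatim; handle that case separately if
    # such content must be accepted.
    return json.dumps(arr, separators=(",", ":"), ensure_ascii=False).encode("utf-8")

def compute_id(ev: dict) -> str:
    return hashlib.sha256(canonical_bytes(ev)).hexdigest()

def _is_int(v) -> bool:
    return isinstance(v, int) and not isinstance(v, bool)

def check_event_id(ev: dict) -> bytes:
    """Validate field shapes, recompute the id locally, and return the 32-byte
    digest the signature must be verified against. Raises ValueError."""
    ok = (
        isinstance(ev, dict)
        and all(isinstance(ev.get(k), str) for k in ("id", "pubkey", "sig", "content"))
        and HEX64.fullmatch(ev["id"]) and HEX64.fullmatch(ev["pubkey"])
        and HEX128.fullmatch(ev["sig"])
        and _is_int(ev.get("created_at")) and _is_int(ev.get("kind"))
        and isinstance(ev.get("tags"), list)
        and all(isinstance(t, list) and all(isinstance(s, str) for s in t) for t in ev["tags"])
    )
    if not ok:
        raise ValueError("malformed event")
    digest = hashlib.sha256(canonical_bytes(ev)).digest()
    if digest.hex() != ev["id"]:
        raise ValueError("id on the wire does not match the event contents")
    return digest  # next step: Schnorr-verify ev["sig"] over digest with ev["pubkey"]

# Constructed sample: placeholder pubkey and sig, not a real signed event.
SAMPLE = {"pubkey": "ab" * 32, "created_at": 1700000000, "kind": 1,
          "tags": [["t", "nostr"]], "content": "héllo\n", "sig": "00" * 64}
SAMPLE["id"] = compute_id(SAMPLE)

if __name__ == "__main__":
    print(check_event_id(SAMPLE).hex())
    try:
        check_event_id(dict(SAMPLE, content="send money"))
    except ValueError as e:
        print("rejected:", e)
```

Passing this check only proves the id matches the contents; the event is authentic only once the signature verifies against the returned digest.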